[Last-Call] Re: [lamps] draft-ietf-lamps-kyber-certificates-10 ietf last call Genart review

Thanks for the review.

On Mon, Jun 9, 2025 at 8:03 PM Mallory Knodel via Datatracker <noreply@xxxxxxxx> wrote:
Document: draft-ietf-lamps-kyber-certificates
Title: Internet X.509 Public Key Infrastructure - Algorithm Identifiers for the
Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM)
Reviewer: Mallory Knodel
Review result: Ready with Nits

I am the assigned Gen-ART reviewer for this draft. The General Area
Review Team (Gen-ART) reviews all IETF documents being processed
by the IESG for the IETF Chair.  Please treat these comments just
like any other last call comments.

For more information, please see the FAQ at

<https://wiki.ietf.org/en/group/gen/GenArtFAQ>.

Document: draft-ietf-lamps-kyber-certificates-??
Reviewer: Mallory Knodel
Review Date: 2025-06-09
IETF LC End Date: 2025-06-06
IESG Telechat date: Not scheduled for a telechat

Summary: The draft defines how ML-KEM is represented in X.509. It defines
algorithm identifiers, public- and private-key structures, key-usage semantics,
and provides examples. It's certainly thorough, and follows related RFCs well.

Major issues: None.

Minor issues: None.

Nits/editorial comments:

 * Suggest slight rewrite for the second of the two sentences in Section 5: "If
 the keyUsage extension is present in a certificate that indicates
 id-alg-ml-kem-* in the SubjectPublicKeyInfo, then the keyEncipherment bit MUST
 be the only key usage set."

Rewrote in https://github.com/lamps-wg/kyber-certificates/pull/126
 
 * Section 8: Private Key Consistency TESTING

I'm not quite sure what you mean with this. Could you elaborate?
 
* Section 9: Suggest pulling in simply the headings or abstract of what is
 included in draft-sfluhrer-cfrg-ml-kem-security-considerations, making this
 paragraph just one sentence longer, which could help the reader to know on the
 order of what security considerations might be explained further.

I couldn't think of any particular bits to highlight, so I tweaked and moved the sentence instead. Does this help? https://github.com/lamps-wg/kyber-certificates/pull/126

 * Each subsection of Appendix C has repeated text that could be placed in the
 stacked head of that section. Furthermore one might use that intro text space
 before each subsection to point out anything that the reader might want to
 know or not be able to spot when holding them side-by-side. So, rather tell
 than show. Or, both show and tell, please. For readability and utility to the
 reader.

Personally I like the repetition: it's quite hard to scroll past all the blocks of hex for the common text, but happy to make the change.

Thanks for the great work!

Thank you! 

Best,

 Bas

 
